CVE-2020-15351

Published: Jun 26, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITY\SYSTEM by substituting the service's binary with a malicious one.

Affected (1)

Products: Idrive: Idrive

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Idrive Idrive	Before 6.7.3.19

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (4)

https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-004.md

Source: cve@mitre.org

Third Party Advisory

https://www.idrive.com/release-info#win

Source: cve@mitre.org

Vendor Advisory

https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-004.md

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.idrive.com/release-info#win

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.